Re: Bookworm and ZFS (zfs-dkms 2.1.11) data corruption bug
It is recommended by Debian ZFS on Linux Team to install ZFS related
packages from Backports archive. Upstream stable patches will be
tracked and compatibility is always maintained.
2024-01-11, kt, 02:08 Xiyue Deng <manphiz@gmail.com> rašė:
>
> Jan Ingvoldstad <frettled@gmail.com> writes:
>
> > Hi,
> >
> > It seems that Bookworm's zfs-dkms package (from contrib) has the data
> > corruption bug that was fixed with OpenZFS 2.1.14 (and 2.2.2) on 2023-11-30.
> >
> > https://github.com/openzfs/zfs/releases/tag/zfs-2.1.14
> >
> > However, I see no relevant bug report in the bug tracker - have my
> > searching skills failed?
>
> You can check the developer page of zfs-linux[1] on which the "action
> needed" section has information about security issues (along with
> version info as Gareth posted). The one you mentioned was being tracked
> in [2] and the corresponding Debian bug is [3]. My guess is that as
> zfs-linux is not in "main" but "contrib", and the issue is marked
> "no-dsa" (see [4]), there may be no urgency to provide a stable update.
> But you may send a follow up in the tracking bug and ask for
> clarification from the maintainers on whether an (old)stable-update is
> desired.
>
> [1] https://tracker.debian.org/pkg/zfs-linux
> [2] https://security-tracker.debian.org/tracker/CVE-2023-49298
> [3] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056752
> [4] https://security-team.debian.org/security_tracker.html#issues-not-warranting-a-security-advisory
>
> --
> Xiyue Deng
>
Reply to: